The option to specify an affinity group when creating a virtual network in azure seems to have disappeared from the form. I can still attach to a location though. How do I get this option back.
Hello Dear,
This option have intentionnaly been replaced by the Region/Location as you said.
Regional Virtual Networks are supposed to be more appropriate than affinity groups.
For more information, you can go here : http://azure.microsoft.com/blog/2014/05/14/regional-virtual-networks/
Obviously, if you still want to bring back the Affinity group, then try this:
Create a Virtual Network from the Management Portal
Download the Virtual Network Configuration File
Edit the appropriate file section to get
<VirtualNetworkSitename="VNetDemo" AffinityGroup="VNetDemoAG">
instead of
<VirtualNetworkSitename="VNetUSWest" Location="West US">
Then, delete the previously created virtual network and import your file in the management portal to recreate the network with your defined settings.
Microsoft released Regional VNETs at Tech ED 2014. A Regional VNET is created on a region rather than an affinity group. Eventually, all existing Affinity Group VNETs will be migrated to be Regional VNETs. Since Regional VNETs provide significantly enhanced capabilities all new VNETs should be Regional VNETs and there is no reason whatsoever to create an Affinity Group VNET. That is presumably why you can no longer create Affinity Group VNETs in the Azure Portal.
New features include: Internal Load Balancer, Public Instance-Level Public IP Addresses, VNET-VNET connections, etc.
Related
I have Two Azure VMs which has been created for about 6 months now. The VMs are in use by different members of the same project teams, now I want to know how I can network the VMs together (for direct transfer of large files) without having to delete and recreate them.
#faruq bello If the VMs are in the same Virtual Network you should be able connect them without any additional configuration, if not please check the NSG rules or firewall on the VMs to see if it is blocking any connectivity.
If they are not in the same virtual network I think you can establish connectivity by using Virtual network peering in this scenario. If the VMs are in the same Azure region you can use Virtual network peering and across Azure region you can use Global virtual network peering. Please be aware of constraints for globally peered virtual networks.
I already have a resource group in azure that has a virtual machine and it is associated with a network interface to connect to a vnet in that group.
resource-group-1
-> virtual machine
-> network interface
-> vnet
-> other things ...
But now i created a second resource group which will have some resources and a vnet. I want to use for now, the same virtual machine that exists on resource-group-1, so i created a network interface there:
resource-group-2
-> network interface 2
-> vnet 2
Now i want to connect the network interface 2 of resource-group-1 to the virtual machine in resource-group-2.
I already tried, like the documentation says to stop the VM and going to Settings, Networking and Attach network interface, but i don't seem to be able to select anything useful there.
It seems that some time ago, this changes could only be done through powershell.
Another thing i saw is that we cannot change the vnet when adding a new nic to a VM. This might not be possible at all?
Currently, i guess the following options might make this possible
Find a way to change the VNET of the VM, which will make it stop working with the old VNET.
Create an equal VM with a snapshot for the new VNET.
Connect the two VNETs and probably it will magically work?
It's impossible to add a new network interface that exists in the different VNet from the network interface currently attached to the VM to an existing VM. You can not add two NICs in different VNets to the same Azure VM. Refer to this.
If you want to move your azure VM and its NIC to another resource group, a simple way is to move a VM to another resource group. Read supported moving resources.
In addition, there is a Step-by-Step PowerShell Guide: How to Move Azure VM to a different Resource Group?
Im trying to Add existing virtual network on the screenshot above in Azure, but when I select the Subscription, the virtual network I want to connect to does not show up.
I had a google but couldn't find much to help, can anyone help me understand why my azure vnet cannot be attached at the moment and what needs to be changed on it to allow me to add it?
Virtual Network Rule has some limitations, you need to make your environment does not contain any of the following:
You can only add virtual network which has the same geographic region with your Azure logical SQL server. For example, if my logical SQL server is in Southeast Asia but my virtual network in East US then I will not be able to see it listed when adding a rule.
Rule can only be applied with Azure Resource Manager.
Rules cannot be applied with S2S VPN or ExpressRoute.
Moreover, to fully utilize virtual network rule, you need to also enable Microsoft.SQL service endpoint on your subnet. Click Service endpoints > Add. Choose service and subnet you want to enable service endpoint. Currently (as of this answer) only Storage and Azure SQL are available. Note that this is not actually required to do here, when adding existing virtual network (from logical server) you are given an option to enable service endpoint.
I'm getting started using docker-machine on my Windows 2016 box. I'm trying to create some VMs in Azure but I have a particular network security group that I want for it to use and which already exists in Azure. I ran docker-machine create --driver azure and looked over the small help text which tells me how to set the resource group, subnet, etc but I don't see an option for network security group. Is there a way to specify an existing network security group for docker-machine to use when creating VMs in Azure?
Ok, so according to the documentation, you should use Subnet\VNet or Availability Set. The reason you are asking this is because you don't understand how NSG's work in Azure. NSG's are attached to a VNet or Subnet, so deploying a VM\Container into that Subnet\VNet will effectively attach that NSG to the entity you are deploying. But as the documentation states - "Once the machine is created, you can modify Network Security Group rules and open ports of the machine from the Azure Portal.".
So I suppose it creates a new NSG each time you deploy something, so there's no way to achieve that what you are trying (at least for now).
What you could try is deploy to an existing VNet and check if no new NSG are being created specifically for that container host which you are deploying. If that holds and you have an NSG in place, you've achieved what you want exactly.
I've just created a "new" virtual machine in Windows Azure. I say "new" because there is a "Virtual Machine (classic)" option.
The "new" virtual machine is not accesible by the "old" https://manage.windowsazure.com, it's only accesible by the "new" https://portal.azure.com
My problem is that I've expent a couple of days configuring the "new" Virtual Machine and now I want to open the port 80... but I don't find the "endpoint" configuration!!
I've been looking for it many hours :S
Any clues?
Azure Resource Managed VMs now use the concept of Network adapters, Virtual Networks and Security Groups to manage ingress, egress from a machine.
A virtual machine has a network adapter attached, the adapter is placed within a subnet within a virtual network. A security group can then be placed against the subnet and / or the network adapter.
The network adapter can optionally have a publically accessible address bound to it. Either dynamically or statically bound (i.e. if you take a fixed address, you will be charged for it for when the machine isn't running)
I'm not entirely sure its possible to create a security group via the portal (at least I couldn't find any option for it when I just (albeit briefly) looked.
However you can use New-AzureNetworkSecurityGroup to create a security group and then attach it to your Nic through the portal and also configure the security policy. Which you get to via -
Virtual machines -> VNMame-> Settings -> Network interfaces -> NicName -> Choose network security group
It is a little more complicated than the previous method, but once you're used to it it is a lot more flexible.
Edited to add
Depending on your config, you might need to a public IP address attaching also - use New-AzurePublicIpAddress
It's all good. The get-help wasn't up to date and optional params are actually needed. Just make sure to use all params